/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package logic.filter;

import beans.util.ExtendedDataTableBean;
import db.entities.Medic;
import db.entities.Patient;
import java.io.IOException;
import java.io.PrintStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.NoResultException;
import javax.persistence.Persistence;
import javax.persistence.TypedQuery;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import logger.Log;


/**
 *
 * @author guybrush
 */

public class MedicF implements Filter {
    
    private static final boolean debug = true;
    // The filter configuration object we are associated with.  If
    // this value is null, this filter instance is not currently
    // configured. 
    private FilterConfig filterConfig = null;

    public MedicF() {
    }

    private void doBeforeProcessing(ServletRequest request, ServletResponse response)
            throws IOException, ServletException {
        Log.getLogger().error("Do before processing");
        authenticateUser(request, response);
    }

    private void doAfterProcessing(ServletRequest request, ServletResponse response)
            throws IOException, ServletException {
    }

    /**
     *
     * @param request The servlet request we are processing
     * @param response The servlet response we are creating
     * @param chain The filter chain we are processing
     *
     * @exception IOException if an input/output error occurs
     * @exception ServletException if a servlet error occurs
     */
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain)
            throws IOException, ServletException {

        Log.getLogger().error("DO FILTER");

        doBeforeProcessing(request, response);

        Throwable problem = null;
        try {
            chain.doFilter(request, response);
        } catch (Throwable t) {
            // If an exception is thrown somewhere down the filter chain,
            // we still want to execute our after processing, and then
            // rethrow the problem after that.
            problem = t;
            t.printStackTrace();
        }

        doAfterProcessing(request, response);

        // If there was a problem, we want to rethrow it if it is
        // a known type, otherwise log it.
        if (problem != null) {
            if (problem instanceof ServletException) {
                throw (ServletException) problem;
            }
            if (problem instanceof IOException) {
                throw (IOException) problem;
            }
            sendProcessingError(problem, response);
        }
    }

    /**
     * Return the filter configuration object for this filter.
     */
    public FilterConfig getFilterConfig() {
        return (this.filterConfig);
    }

    /**
     * Set the filter configuration object for this filter.
     *
     * @param filterConfig The filter configuration object
     */
    public void setFilterConfig(FilterConfig filterConfig) {
        this.filterConfig = filterConfig;
    }

    /**
     * Destroy method for this filter 
     */
    public void destroy() {
    }

    /**
     * Init method for this filter 
     */
    public void init(FilterConfig filterConfig) {
        this.filterConfig = filterConfig;
        if (filterConfig != null) {
            if (debug) {
                Log.getLogger().info("Inizializzo filtro");
            }
        }
    }

    /**
     * Return a String representation of this object.
     */
    @Override
    public String toString() {
        if (filterConfig == null) {
            return ("Medic()");
        }
        StringBuffer sb = new StringBuffer("Medic(");
        sb.append(filterConfig);
        sb.append(")");
        return (sb.toString());
    }

    private void sendProcessingError(Throwable t, ServletResponse response) {
        String stackTrace = getStackTrace(t);

        if (stackTrace != null && !stackTrace.equals("")) {
            try {
                response.setContentType("text/html");
                PrintStream ps = new PrintStream(response.getOutputStream());
                PrintWriter pw = new PrintWriter(ps);
                pw.print("<html>\n<head>\n<title>Error</title>\n</head>\n<body>\n"); //NOI18N

                // PENDING! Localize this for next official release
                pw.print("<h1>The resource did not process correctly</h1>\n<pre>\n");
                pw.print(stackTrace);
                pw.print("</pre></body>\n</html>"); //NOI18N
                pw.close();
                ps.close();
                response.getOutputStream().close();
            } catch (Exception ex) {
            }
        } else {
            try {
                PrintStream ps = new PrintStream(response.getOutputStream());
                t.printStackTrace(ps);
                ps.close();
                response.getOutputStream().close();
            } catch (Exception ex) {
            }
        }
    }

    public static String getStackTrace(Throwable t) {
        String stackTrace = null;
        try {
            StringWriter sw = new StringWriter();
            PrintWriter pw = new PrintWriter(sw);
            t.printStackTrace(pw);
            pw.close();
            sw.close();
            stackTrace = sw.getBuffer().toString();
        } catch (Exception ex) {
        }
        return stackTrace;
    }

    public void log(String msg) {
        filterConfig.getServletContext().log(msg);
    }
    
    /*
     *funzione che autentica l'user. In caso di esito negativo ritorna errore 401
     */
    private void authenticateUser(ServletRequest request, ServletResponse response)
            throws IOException, ServletException {
        Log.getLogger().error("auth medic");
        
        ExtendedDataTableBean med = null;
        HttpSession sess = ((HttpServletRequest) request).getSession();
        
        med = (ExtendedDataTableBean) sess.getAttribute("extendedDataTableBean");
        Log.getLogger().error((med==null) + " ");
        
        if (med == null)
        {
            Log.getLogger().error("No Med in Session -> Query Database");
            
            String username = request.getParameter("login-panel:username");
            String password = request.getParameter("login-panel:password");
            
            EntityManagerFactory emf = Persistence.createEntityManagerFactory("PortaleVisitePU");
            EntityManager em = emf.createEntityManager();
            
            TypedQuery<Medic> query = em.createNamedQuery("Medic.findByUsernameAndPassword", Medic.class);
            
            try {
                med = query.setParameter("username", username).setParameter("password", password).getSingleResult().getExtended();
                //distingue minuscole da maiuscole. SQL NON LO FA!!
                //if (!med.getUsername().equals(username) || !med.getPassword().equals(password)) throw new NoResultException();
            } catch (NoResultException ex) {
                
                //Il Paziente non è presente nel dabase -> pagina di errore
                Log.getLogger().error("No result for patient");
                ((HttpServletResponse) response).sendRedirect("/PortaleVisite/faces/pages/error/forbidden.jsp");
            }
            
            sess.setAttribute("extendedDataTableBean", med);
        }
    }

}

   